-1

We have a Dell 1950 with a DRAC. The DRAC is assigned an external IP and we don't have access to the firewall to create any rules to secure it.

Assuming the password is secure enough to avoid brute force attacks, can the DRAC have an external IP like this?

My gut says no, but I've always worked with the OS, never with the hardware.

Thanks!

Soviero
  • 4,366
  • 8
  • 36
  • 60
  • 1
    I personally wouldn't trust this to just a "sufficiently secure" password. Can the party that manages the firewall create the appropriate rules for you? – joeqwerty Mar 21 '15 at 22:18
  • 1
    Agreed with @joeqwerty. This should be behind a restrictive firewall, accessible via VPN. – EEAA Mar 21 '15 at 22:25

1 Answers1

2

DRAC firmware changelogs have security fixes just like anything else, you will want to keep up with those very closely if this is exposed. I'd trust it more if just TCP/443 were exposed. DRACs don't have much in the way of brute-force attack prevention, though.

sysadmin1138
  • 133,124
  • 18
  • 176
  • 300